I am trying to hide the content of the folders on my website. I can redirect the anonymous user to the login page, when he try to access to prohibit individual pages, but when the user is regiestered in the website, he can see the folders' content. For example:
he types in the address www.mydomain.coma/account/ and he can see all the pages there: shoping.aspx, shoping.aspx.cs,
I'm wondering what would be the best solution for hidding a folder like for example "AdminFolder", and also .aspx pages inside this folder.
I have several pages inside "AdminFolder" which I (as "Administrator" :) ) plan to use for some background work on daily basis! I am using Membership shema and no one except me can not / or should not acces this area, but I'am afraid if web crawlers like google find and expose this part of my page in searching results!
I also need to create a second folder for PDF files which I also would like to hide (incl. PDF Files inside it) from web crawlers!
I am tring to hide a image in local folder by asp.net. How to get this.
send me a sample code ,I tring that filename.attributes.hidden
Listing folders in folders then creating arrays in JS for each of the folders?
Directory Structure:
I have a directory structure as follows;
ad_folder
--folderA
--folderB
--folderC
--anotherFolder
--etcfolder
--afile.aspx
--anotherfile.gif
ad_code
--folderA
--folderB
--afile.aspx
--anotherfile.gif
ad_prep
--folderA
--etcfolder
--afile.aspx
--anotherfile.gif
ad_bin
--etcfolder
--afile.aspx
--anotherfile.gif
other Folder
files folder
assetsfolder
index.aspx
web.config
image.gif
Task at hand:
I want code in VB.NET to create javascript arrays of the folder contents that can then be used on the client end. I only need arrays for all folders contained in folders starting with ad_ and an array for all the base folders . like so:
var folders=["ad_folder","ad_code","ad_prep","ad_bin"];
var ad_folder=["folderA","folderB","folderC","anotherFolder","etcfolder"];
var ad_code=["folderA","folderB"];
var ad_prep=["folderA","etcfolder"];
var ad_bin=["etcfolder"];
note that I do not know the number of or the names of the folders, they can be different in different cases, I only have the root path.
[code]...
With a Gridview, if I have a boundfield or templatefiled with visible="false" I can't get the data. I need access to some data of a field, but don't want to have it showing up in the gridview.How do I do that?
View 14 Repliesi got a web app where some users can upload to a folder images or files like pdfs.
Those users are authenticated by forms.
Well, in public areas, everyone can see those images and files.
I use for showing an httphandler, changing name, etc...
Id like to know if its possible set security like this:
- Folder with uploads, only with read permission for everyone that is not authenticated
- Folder with uploads, with write permission for authenticated users
Goal is that none can upload files if they are not autenticated and make the upload through the web form created for that.
I have a web app were every user has its own folder so that they can store documents. What i would like to do is protect a user's folder so that only the owner can access it.
Example:
Username: ricky
Folder: ~/Files/ricky/ --> Ricky can access his folder but can't access Diana's
Username: diana
Folder: ~/Files/diana/ --> Diana can access her folder but can't access Ricky's
I'm using membership provider for the user authentication.
I have a few computers (with Vista Business OS) connected in a private network. A C#.NET application running on one computer is currently able to access the network shared folders without problems. However, I am trying to get an ASP.NET application on that computer to access the same folders but I am getting "Access denied" errors. I added NETWORK SERVICE to all the shared folders' security (with full control) but it still gives the same errors.
View 4 RepliesI have implemented membership and enable role based on. I have 2 roles "admin" and "super_admin" and once the user login, I want to redirect them to different folder based on their role. My guess is, the redirection need to be determined once the user clicked login on the login control and here is my code.
[Code]....
However, whenever the user login (regardless of admin or super_admin) the page keeps redirection to Anyone/Default.aspx.
I'm using user membership and roles. Below is my web.config for subfolder restriction.
[Code]....
The way I have above, no one can access this folder, mySub, except Administrators, Editors, and Members. However, here's what I want. I want to allow all and any user to the default.aspx page of this mySub folder and denied any other pages if they're not Administrators, Editors, and Members. One last thing, also denied access to addWord.aspx if they're not Administrators and Editors. I know I can list all the pages and give them various permission but I do not want to list all the pages. What's the best and easist way to accomplish this?
When I link to a file in a web folder which is user/password protected on the host, I get a panel requiring me to enter the correct user id and password.
I would like to create a link in my form that provides the id and password without exposing it to the user. How can I do this?
In my project I have one folder called Administration (contains pages created for administrating the public part of the page) and in root I have public pages. What I want to do is to prevent anyone beside administrator to enter the Administration part and to make the Administration/Login.aspx default page for entering Administration part. This part makes me confused. I tried to create the access rules, but that wasn't the option because I upload the images to the Administration/Upload folder so if I deny the users the images on the public part can't be accessed.
The second problem I don't know how to solve is public part of the page where I want to allow commenting only to logged in users (users only, not the admin). How to check if user is logged in and authetificated and how to enable the commenting part of the form to him (textbox and submit button).
I'm developing ERP project with 4 modules or maybe will be more within (1 module I mean 1 project in VWD)
And now 1 of it project near complete, and now I want to move to next module
But in my scenario, I want my single login.aspx to access all of modules
Let say like this
root/login.aspx
root/app01/*.aspx
root/app02/*.aspx
root/app03/*.aspx
root/app04/*.aspx
The question is, is that correct of scenario (4 project for 4 module)? How was the correct best practice if there is? What if I create all of the module in 1 project in VWD? future maintenance handy and performance wise (and security of course).. and maybe for easier in development also :)
I am adapting a script I used for copying a CD on a local machine to work on a website. It works only if the CD to copy is physically in the server. This is not ideal as I would like the CD for copying to be in the client CD. So what would be an effective way to have the app point to the client CD drive instead of the server CD drive?
View 2 RepliesI am having issue with Https when i host my site on https i got warning "Contains unauthenitcated contents".
And site is not looks like that it has been host on https secure server. whole site look normal while on same domain few pages don't have such problem they working fine.
When i cheched it i found that the page where i have asp.net validation control causing problem once i remove it page start working fine.
At first I got an error that the user did not have permission to read the config file (web.config).
So I gave NETWORK SERVICE and IIS_IUSRS read on the website folders.
But now vistors can not access images and other static content from the Content folder without logging in. Aspx and .ashx content works however static content is redirected to the login page.
I am using the membership provider and am reasonably comfortable that all of my web pages are safe.Some of the pages contain hyperlinks to documents (pdf, xls, etc.) stored in a folder under the root of the web site. I have disabled the ability of users to anonymously list folder contents, but I don't see a way to keep anonymous users from accessing the documents if they know the specific URL for that document. Example; if the document contains a spreadsheet of current sales, I don't want an ex-employee (who captured the URL while working here) to be able to bring up the current document.asswording the documents isn't a good choice because there are hundreds and we'd like to avoid changing them all every time someone leaves, or weekly, or whenever...Is there a way to restrict access to all contents of a web folder to people who have been authenticated?
View 4 RepliesIn my web site I have a admin login page to edit the contents. Is it necessary that the default page has to be the login page..............Because in web.config file , under Authentication of Forms am using loginurl="MyLoginPage.aspx"......So is it compulsory that the Default.aspx =MyLoginPage.aspx.i mean to ask i should not change the name of default page or what?
View 5 RepliesI was following the tutorials from this two sites:
http://www.15seconds.com/issue/070104.htm
http://aspnet.4guysfromrolla.com/articles/020404-1.aspx
Following the first site, it had worked but when I´ve moved the pages and files to other folders and set the web.config file on this folder, now it won´t work at all!!!
The file is an *.swf object. I did put the asapi.dll to map the extension on the website root, I´ve put the
[Code]....
on the web.config new folder and on the web.config website´s root.
It won´t work!!! I can access the file directly!!! on the web.config of the folder that contains the file, there is a <deny users="*" /> line.
I have a pdf file, how can I extract the contents of the pdf file and show the contents in one of my web page
View 4 Repliesi want to get the contents of a textbox and set them to a asp label for output, we can cause a postback to if that makes it easier, so far i did this and it comes up trumps
View 11 Replies I've an application that has paramters in page
page.aspx?UserID=...
and in my page I've Request.QueryString...
is it possible to encrypt the page paramters for don't allow users to change the values?
I am trying to hide the admin files from normal users, however I get the following error:
Error 11 Unrecognized configuration section siteMap.C:projectsFamilyPhotoAlbum_VS_2010web.config 137
Below is the web.config:
<?xml version="1.0"?>
<!--
Note: As an alternative to hand editing this file you can use the
web admin tool to configure settings for your application. Use
the Website->Asp.Net Configuration option in Visual Studio.
A full list of settings and comments can be found in
machine.config.comments usually located in
WindowsMicrosoft.NetFrameworkv2.xConfig
[Code]....
Will someone point me to a tutorial on how to hide and denied access to certain pages based on what roles the user is in?
View 8 RepliesI have a gridview that has the following commandfields enabled:
[Code]....
Im working on custom security for the pages and on this page / gridview i need to be able to display the field based on permissions.
can edit a record, but not delete and so on.. So would i need to convert them into template fields? or can i manage that as its configured now?
And this would be a all or nothing.. so if you dont have permissions, the commandfield is not shown for ANY records in the gridiview. I have had in the past where certain links would be available for certain records and so on.. but not this time..